Trying to connect to postgres with tokio and ssl

Hello, I'm still a little new to Rust and I'm trying to create an app that makes a connection to a postgres instance I've setup in GCP and for security purposes it had me create a client certificate that consists of:

  • A server certificate saved as server-ca.pem .
  • A client public key certificate saved as client-cert.pem .
  • A client private key saved as client-key.pem .

I have a sample project I've created here: postgres-ssl/main.rs at main · Zolmok/postgres-ssl · GitHub

It builds and seems to run OK, but I'm getting an SSL error:

thread 'main' panicked at 'connect error: error performing TLS handshake: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:../ssl/statem/statem_clnt.c:1914:: IP address mismatch', src/main.rs:69:23

I know the certificates are good because I can connect to it using an app called DataGrip from the same machine using the certificates.

My guess is that I don't have something coded quite right. Would anyone have any idea what might be wrong?

The certificate provided by the server doesn't match the address you're using to connect to it. If that is expected, you can use MakeTlsConnector::set_callback to disable hostname verification with ConnectConfiguration::set_verify_hostname.

1 Like

Thank you so much! That was indeed the solution:

   connector.set_callback(|config, _| {
        config.set_verify_hostname(false);
        Ok(())
    });

This topic was automatically closed 90 days after the last reply. We invite you to open a new topic if you have further questions or comments.